News

Securities.io

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Security Boulevard

The Complete Guide to Google One Tap Login: Everything Developers Need to Know

Boost user signups by 90% with Google One Tap Login! This complete 2025 guide covers implementation, security considerations, ...

A Blessing for Front-End Development: One Line of Code to Solve Cross-Origin Issues, In-Depth Analysis of New JavaScript Features

Cross-Origin Resource Sharing (CORS) issues have long been a nightmare for front-end developers, especially when building complex Javaapplications. Traditional solutions, such as ...
Infosecurity Magazine

Open Source Community Thwarts Massive npm Supply Chain Attack

What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source ...
Security Boulevard

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
Developer Tech

Escalating npm supply chain malware attack drains crypto wallets

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain crypto wallets.